CoinVault, which infects Windows systems and encrypts files so its original owners can’t access them, has been used by hackers since last November to lock users out of their data and hold it for ransom.

The NHTCU recently came upon a CoinVault server and discovered a database of decryption keys. The agency shared them with Kaspersky to create a tool that helps unlock users’ encrypted files and restore them to their systems.

Over 700 PCs have fallen prey to CoinVault in The Netherlands alone, with more being affected in Germany and the US.

Kaspersky’s tool isn’t yet a foolproof solution as the NHTCU hasn’t actually secured all potential CoinVault keys from its lone server find. However the Dutch police are actively investigating the issue and hope to find new keys and boost the tool’s success rate.

You can find Kaspersky’s ransomware decryptor on the company’s site, along with a desktop decryption app and a helpful how-to guide.